Date: Sun, 13 Jan 2002 18:56:11 +0200 (EET) From: Bernie <Bernie_X@myrealbox.com> To: "Crist J . Clark" <cjc@FreeBSD.ORG> Cc: Bernie <Bernie_X@myrealbox.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: ipfw logging + rules -- newbie Message-ID: <20020113185243.G1687-100000@BLAST> In-Reply-To: <20020112143301.C20890@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 12 Jan 2002, Crist J . Clark wrote: > On Sat, Jan 12, 2002 at 12:08:34PM +0200, Bernie wrote: > [snip] > > > in the /var/log/security i get many blocking messages, > > blocked by the last 'default' rule saying: > > > > /kernel: ipfw: 65435 Deny P:2 194.x.x.x 224.0.0.1 in via tun0 > > Those are IGMP packets. > > > 1. should i allow this ip? if i can connect to the isp with > > no problem, why does it want to connect to me? is this normal > > on dialup connections? > > Yes, it's pretty normal. The ISP's routers are trying to figure out if > your machine wants to/knows how to speak multicast. > > > 2. in the line above, what does the 'P:2' means? > > IP Protocol 2, IGMP. See protocols(5) and /etc/protocols. > > > and the > > 244.0.0.1? > ^ (you mean 224) > > The destination IP address. It's the "all systems" multicast address. > > > 3. is there any way to see more extensive info of the firewall > > log, ie more details? > > Not really. I've got some patches that enable additional information > in the URL below. > -- > "It's always funny until someone gets hurt. Then it's hilarious." thank you for your reply. i see what you mean... so i'll fix my firewall to allow that. btw, the patches you have, which one would match better 4.5-prerelease? or should i wait until i upgrade to 5 ? thanks again. i wouldnt have found that no way... Regards, Bernie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020113185243.G1687-100000>